BIT-NGINX-AGENT-2024-7634 NGINX Agent Vulnerability

NGINX Agent's "configdirs" restriction feature allows a highly privileged attacker to gain the ability to write/overwrite files outside of the designated secure directory...

BIT-NGINX-AGENT-2023-1550 NGINX Agent vulnerability CVE-2023-1550

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

EUVD-2024-48521

Malicious code in bioql PyPI...

EUVD-2023-23784

Malicious code in bioql PyPI...

The vulnerability of the config_dirs function in the NGINX Agent demon and the NGINX Instance Manager automation platform allows a hacker to write or overwrite any files they desire.

The vulnerability of the configdirs function in the NGINX Agent demon and the NGINX Instance Manager platform relates to the ability to load arbitrary files beyond the expected directory path. Exploiting this vulnerability allows a malicious actor to write or rewrite arbitrary files remotely...

SUSE CVE-2024-7634

NGINX Agent's "configdirs" restriction feature allows a highly privileged attacker to gain the ability to write/overwrite files outside of the designated secure directory...

CVE-2024-7634

NGINX Agent's "configdirs" restriction feature allows a highly privileged attacker to gain the ability to write/overwrite files outside of the designated secure directory...

K000140630: NGINX Agent vulnerability CVE-2024-7634

Security Advisory Description NGINX Agent's configdirs restriction feature allows a highly privileged attacker to gain the ability to write/overwrite files outside of the designated secure directory. CVE-2024-7634 Impact Under the default configuration, a user can overwrite arbitrary files on any...

PT-2024-6180 · Nginx · Nginx Agent

Name of the Vulnerable Software and Affected Versions: NGINX Agent affected versions not specified Description: The issue is related to the config dirs function of the NGINX Agent and NGINX Instance Manager platform, which allows an attacker to upload arbitrary files outside the intended director...

The vulnerability of the NGINX Agent and the NGINX Instance Manager automation platform, related to insufficient protection of registration data, allows a perpetrator to gain access to secret keys.

The vulnerability of the NGINX Agent and the NGINX Instance Manager automation platform is related to insufficient protection of registration data. Exploiting this vulnerability can allow attackers to gain access to secret keys...

CVE-2023-1550

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

Design/Logic Flaw

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

CVE-2023-1550 NGINX Agent vulnerability CVE-2023-1550

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

K000133135: NGINX Agent vulnerability CVE-2023-1550

Security Advisory Description NGINX Agent inserts sensitive information into a log file. CVE-2023-1550 Impact An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when the non-default trace level logging is enabled. Note :...

NGINX Agent 日志信息泄露漏洞

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from the US-based Nginx Corporation. A log information disclosure vulnerability exists in NGINX Agent version 2.0 prior to 2.23.3, which stems from NGINX Agent inserting sensitive information into log files...

PT-2023-2180 · Nginx · Nginx Agent

Name of the Vulnerable Software and Affected Versions: NGINX Agent versions 2.0 through 2.23.2 Description: The issue is related to insufficient protection of registration data, which may allow an attacker to gain access to private keys. This can occur when an authenticated attacker with local...